Tom Mens
Prof. Dr. Tom Mens obtained a PhD in Science in 1999 at the Vrije Universiteit Brussel, Belgium. He is a full professor at the University of Mons in Belgium, where he directs the Software Engineering Lab. His research interests include software evolution, quality and health management of software ecosystems, and open source software analytics. He has published numerous highly cited scientific articles in peer-reviewed international software engineering conferences and journals. He is project leader of the joint Belgian FNRS-FWO Excellence of Science project SECOAssist “Automated Assistance for Developing Software in Ecosystems of the Future”.
Session
Semantic versioning (semver) is a commonly accepted open source practice, used by many package management systems to signal whether new package releases introduce possibly backward-incompatible changes. Maintainers depending on such packages can use this practice to reduce the risk of breaking changes in their own packages by specifying version constraints on their dependencies. Depending on the amount of control a package maintainer wishes to exert over her package dependencies, these constraints can range from very permissive to very restrictive.
We empirically compared the evolution of semver compliance in four package management systems: Cargo, npm, Packagist and RubyGems. We discuss to what extent ecosystem-specific characteristics influence the degree of semver compliance, and we suggest developing tools that adopt the wisdom of the crowds to help package maintainers decide which type of version constraints they should impose on their dependencies.
We also studied to what extent the packages distributed by these package managers are still using a 0.y.z release, which suggests less stable and immature packages. We explore the effect of such "major zero" packages on semantic versioning adoption.
Our findings shed light on some important differences between package managers with respect to package versioning policies.